The same group that tried to ransom Rockstar over GTA 6 says it has breached user data from Armenian GeForce Now servers

Last week, hacking group ShinyHunters took to a black hat hacking forum to share that it had successfully breached Nvidia's GeForce Now and was looking to sell "millions of real user records" to the highest bidder. However, Nvidia seems to claim that's not quite the case.

As originally spotted by The Cybersec Guru, ShinyHunters claims to have "pulled their entire database straight from the backend" with users' first and last names, email addresses, dates of birth, membership status, 2FA status, and more.

The mention of 2FA status is important here, as bad actors could effectively ignore any account with extra protective measures to get a better hit rate when trying to get access to users' accounts.

However, according to a statement given to VideoCardz from Nvidia:

"Our investigation found no impact to Nvidia-operated services. The issue is limited to systems run by a third-party GeForce Now Alliance partner based in Armenia. We are working closely with the partner to support their investigation and resolution. Impacted users will be notified by GFN.am.”

One thing not made clear here is how much actual information ShinyHunters has. Nvidia specifically cites the operation of its services, and not the security and health of accounts on that service. Unless you live in Armenia and have an account through Nvidia's Armenian GeForce Now provider (GFN.am), you are unlikely to be affected by the breach, but Armenian users should keep an eye on the site and activate 2FA at a minimum, but preferably also change their password.

This unfortunately does not necessarily account for users who no longer subscribe to the service, so hopefully they will get other forms of communication too.

Still, even after all of this is done, ShinyHunters claims it has a list of email addresses, so it's worth being extra vigilant of phishing and spam emails going forward.

If the name ShinyHunters is familiar to you, there's a good chance it is because, just last month, it demanded a ransom for Rockstar in regard to data it managed to steal. After Rockstar refused to pay the fee, ShinyHunters revealed the data, and our Andy Chalk reckons Rockstar was right not to pay. We don't know what processes Nvidia will implement from here, but here's hoping its providers continue to brush up on their cybersecurity.